Difference between revisions of "Authorization"

Jump to: navigation, search
(Replacing page with 'Category:Control')
Line 1: Line 1:
Check [[Guide to Authorization]] for contents
Build an authentication mechanism, which will block account after N tries for a given IP address, from which log in attempt was conducted.
To minimize the possibility of blocking an owner's account we may take under consideration other characteristics like User-Agent or X_FORWARDED_FOR (if it's present).
Moreover, after N login attempts, but before blocking the account, we may include additional verification by comparing data entered by
the user and data displayed to him/her on the picture (CAPTCHA).
Such approach should slow down, limit log in attempts only to the valid user or even prevent conducting unwanted attempts generally.

Revision as of 11:15, 27 October 2008